19 Sep
2001
19 Sep
'01
12:39
Yup, On 19-Sep-01 webmaster wrote:
Hi list, May I ask you to write how that rejecting is with ipchains? Antal
you could use snort ( http://www.snort.org ) together with
guardian ( http://home.golden.net/~elim/ ) to block IPs accessing
cmd.exe/default.ida on your server. However, you will have an awful lot of
blocked IPs if you�re going that way, given the widespread distribution of Code
Red/II or nimda worms at the moment. Don�t do this if you�re running a firewall
with a sub-Pentium CPU, e. g 486 DX4-100/66... ;)
Boris Lorenz